The Community Forums


how to protect a ... password protected dir ... from brute force?

Discussion in 'Security' started by deltafarce, Nov 7, 2013.

  1. deltafarce

    deltafarce Registered

    Joined:
    Mar 28, 2012
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    A customer of mine has a Joomla web site and the 'administrator' dir is password protected.

    For some reason, starting a few days ago we've had thousands of IPs (Russian block mostly) trying to brute force the http password for the dir, resulting in CSF banning an IP every few seconds.

    But since we can only block a few hundred IPs, this means every couple of hours all the old brute forcers are back at it automatically.

    Anyway, just wondering if there is any decent way of stopping this nonsense using mod_rewrites maybe?

    Basically, I would ideally prefer to limit the 'administrator' dir to ONE specific IP, and anyone else visiting the URL should be automatically redirected (to google.com for example) without being prompted to log in.

    Essentially, limit the http password entry to only one IP for this one particular dir (administrator). Cheers. D.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    You might do better to ask this on the Joomla support forums. This thread may be of limited use:
    http://forum.joomla.org/viewtopic.php?f=621&t=611517
     
  3. deltafarce

    deltafarce Registered

    Joined:
    Mar 28, 2012
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    For anyone who comes across this in 2021...

    this works:

    Order Deny,Allow
    Deny from all
    Allow from 1.2.3.4

    just above the AuthType Basic line in your .htaccess file (in the administrator dir), 1.2.3.4 being your static IP that you want to allow.

    Now if only I could redirect them some place else instead of serving 403s... but at least this solves the issue of thousands of bots filling our firewalls.
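As an added example (not code from the thread or from cPanel), here is a complete .htaccess for the Joomla administrator directory that combines the IP allow-list above with Basic auth and, for the redirect the original poster wanted, answers the 403 with a redirect instead of an error page. It covers both the Apache 2.2 syntax from the post and the Apache 2.4 mod_authz_core syntax; the IP 1.2.3.4, the redirect target and the AuthUserFile path are placeholders.

```apache
# Added example .htaccess for the Joomla "administrator" directory.
# 1.2.3.4, the AuthUserFile path and the redirect target are placeholders.

# --- IP allow-list ---------------------------------------------------------
# Apache 2.4 (mod_authz_core / mod_authz_host syntax).
<IfModule mod_authz_core.c>
    <RequireAll>
        # Both must hold: the client IP is allowed AND the user authenticates.
        # Without <RequireAll>, sibling Require lines are OR'd together, and
        # matching the IP alone would be enough to get in.
        Require ip 1.2.3.4
        Require valid-user
    </RequireAll>
</IfModule>

# Apache 2.2 (or 2.4 with mod_access_compat): the directives from the post.
# Satisfy defaults to All, so the IP check AND the password are both required.
<IfModule !mod_authz_core.c>
    Order Deny,Allow
    Deny from all
    Allow from 1.2.3.4
    Require valid-user
</IfModule>

# --- HTTP Basic auth (only clients from the allowed IP get this far) --------
AuthType Basic
AuthName "Restricted Area"
# Placeholder path; cPanel's password protection keeps its files under
# /home/<user>/.htpasswds/<path>/passwd.
AuthUserFile /home/example/.htpasswds/administrator/passwd

# --- Redirect instead of a 403 ----------------------------------------------
# The IP check runs before authentication, so a denied client is never shown
# the login prompt. Giving ErrorDocument a full URL makes Apache answer the
# 403 with a 302 redirect to that URL rather than with an error page.
ErrorDocument 403 http://www.google.com/
```

Note that the ErrorDocument applies to every 403 generated inside this directory, not only to the IP denial.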
     